PA: Ransomware attacks info of 13K patients at Ambulatory Surgery Center at St. Mary
Jenny Wagner reports:
The Ambulatory Surgery Center at St. Mary is alerting approximately 13,000 patients about a recent data breach involving their personal information.
In letters sent to patients last week, the center, which provides outpatient surgical and diagnostic procedures, explained that staff members discovered the breach June 1 when they noticed encrypted files on an internal network. The center is owned by St. Mary Medical Center and local physicians, and is in the St. Clare Medical Building on the hospital’s main Middletown campus.
The letter stated that software known as “ransomware” was installed on the network in an attempt to prevent the center from accessing its files until it paid a ransom. A St. Mary spokeswoman said the center had a full backup of the files, however, so it was able to restore them the same day — without paying those responsible for the attack.
Read more on Bucks County Courier Times.
Having a complete backup enabled the center to avoid having to pay the ransom. Gee, do you think there’s something to be learned from that?
The center did notify patients as it could not be sure whether data were accessed, and those affected have been offered free credit monitoring services.